Proposal: Personal Data Encryption (maybe SoC?)
Jim McDonald
Jim at mcdee.net
Tue Mar 20 01:35:54 CET 2007
Joe Pfeiffer wrote:
[Encrypting data]
> We certainly want a global scheme -- but I think we do want a
> per-data-item granularity. I've certainly got things on my phone
> whose protection I don't care about (shopping lists) and other things
> that have legal implications (notes on how various students' class
> presentations went). I want to be able to choose "save this encrypted"
> vs. "save this", and then when I access data I've encrypted I have to
> enter the password.
>
>
Yep but on the flipside if you have some data that you want encrypted
then encrypting all of it won't do any harm (perhaps a slightly slower
response time, and assuming some sort of key caching going on the
occasional entering of a decryption token, perhaps on unlock and 'phone
startup?). Having to choose for each piece of data if it is encrypted
or not, and having to handle that in every application individually, is
a great example of where choice can be too much. I think that having a
single system-wide setting and handling it appropriately (and far enough
down the stack so that applications don't have to worry about it) would
provide a simple and uniform approach to this problem without
continually asking the user to decide which data is to be encrypted and
which not.
Cheers,
Jim.
More information about the community
mailing list